[Cryptography] Equation Group Multiple Malware Program, NSA Implicated
Bill Frantz
frantz at pwpconsult.com
Mon Feb 16 20:43:47 EST 2015
On 2/16/15 at 1:17 PM, fergdawgster at mykolab.com (Paul Ferguson) wrote:
>>GETTING THE SOURCE CODE
>>
>>Raiu said the authors of the spying programs must have had access
>>to
>the proprietary source code that directs the actions of the hard
>drives. That code can serve as a roadmap to vulnerabilities, allowing
>those who study it to launch attacks much more easily.
>>
>>"There is zero chance that someone could rewrite the [hard drive]
>operating system using public information," Raiu said.
While I agree that getting the source code by asking for it,
perhaps as part of a security review, is the most likely route,
I really think the NSA could reverse engineer hard drive control
code. My guess is that reverse engineering is much easier than
decrypting Verona. This technique might be useful for a secret
foreign piece of hardware.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | gets() remains as a monument | Periwinkle
(408)356-8506 | to C's continuing support of | 16345
Englewood Ave
www.pwpconsult.com | buffer overruns. | Los Gatos,
CA 95032
More information about the cryptography
mailing list